Title: An ontological approach to threats pattern collection and classification: a preliminary study to security management
Authors: Oluwasefunmi T. Arogundade; Temitope Elizabeth Abioye; Misra Sanjay
Addresses: Department of Computer Science, Federal University of Agriculture, Abeokuta PMB 2240, Ogun State, Nigeria; Department of Computer Science, Federal University of Agriculture, Abeokuta PMB 2240, Ogun State, Nigeria; Department of Electrical and Information Engineering, Covenant University, Nigeria
Abstract: This study presents an agent-based approach to the collection and classification of software application anomalies and misuses, with the aim of facilitating the reappraisal of the security controls of an information system (IS). The proposed system is assumed to be integrated with the existing IS in order to enhance information system security maintenance by continuously collecting identified threat behaviour from the application intrusion detection system (IDS). The system comprises several functional agents: the input collector agent, the categoriser agent, the classifier agent, and the tracking agent. The collector agent collects the threats identified by the IDS; the categoriser agent categorises them according to the STRIDE model using a pattern matching algorithm over the content of a security knowledge base. The security knowledge repository is developed from an existing security ontology. The classifier agent classifies threats by their IP address, while the tracking agent collates all the threat profiles. The collect-categorise-classify-track (C3T) model is hereby presented. The potential usability of this work is demonstrated by a case study, and its integration with further studies is also discussed.
Keywords: threats; STRIDE; ontology; intrusion detection system; IDS; agents; risk; security.
International Journal of Electronic Security and Digital Forensics, 2020, Vol. 12, No. 3, pp. 323-335
Received: 12 Feb 2019
Accepted: 03 Oct 2019
Published online: 08 Jul 2020
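The C3T pipeline the abstract describes (collect IDS alerts, categorise by STRIDE through pattern matching against a knowledge base, classify by source IP, collate threat profiles), as an added illustrative example that is not the paper's own code: the alert line format, the tiny regex knowledge base standing in for the ontology-based repository, and the sample alerts are all constructed assumptions.

```python
import re
from collections import Counter, defaultdict
# Constructed mini knowledge base (stand-in for the paper's ontology repository): STRIDE -> regexes
STRIDE_KB = {
    "Spoofing": [r"forged source", r"arp spoof", r"reused credential"],
    "Tampering": [r"modif(y|ied) .*(file|record)", r"integrity violation"],
    "Repudiation": [r"audit log (cleared|disabled)"],
    "Information disclosure": [r"directory traversal", r"data exfil"],
    "Denial of service": [r"syn flood", r"resource exhaustion"],
    "Elevation of privilege": [r"privilege escalation", r"setuid"],
}
# Assumed (hypothetical) IDS alert line format: <timestamp> src=<ip> msg="<text>"
ALERT_RE = re.compile(r'^(?P<ts>\S+) src=(?P<ip>[\d.]+) msg="(?P<msg>[^"]*)"$')

def collect(lines):
    """Collector agent: parse IDS alert lines into threat records, skipping malformed ones."""
    return [m.groupdict() for m in map(ALERT_RE.match, (line.strip() for line in lines)) if m]

def categorise(threat):
    """Categoriser agent: first STRIDE category whose knowledge-base pattern matches the alert."""
    msg = threat["msg"].lower()
    hits = [c for c, pats in STRIDE_KB.items() if any(re.search(p, msg) for p in pats)]
    return hits[0] if hits else "Uncategorised"  # unmatched alerts expose knowledge-base gaps

def classify(threats):
    """Classifier agent: group threat records by the source IP address they came from."""
    by_ip = defaultdict(list)
    for t in threats:
        by_ip[t["ip"]].append(t)
    return dict(by_ip)

def track(by_ip):
    """Tracking agent: one profile per IP with event count, STRIDE tally and first/last seen."""
    return {ip: {"count": len(ev), "stride": dict(Counter(e["category"] for e in ev)),
                 "first_seen": ev[0]["ts"], "last_seen": ev[-1]["ts"]}
            for ip, ev in by_ip.items()}

def c3t(lines):
    """Run the collect-categorise-classify-track pipeline over raw IDS alert lines."""
    threats = collect(lines)
    for t in threats:
        t["category"] = categorise(t)
    return track(classify(threats))

SAMPLE_ALERTS = [  # constructed IDS output for the demo, not from any real sensor
    '2020-07-08T10:00:01 src=198.51.100.7 msg="SYN flood against port 443"',
    '2020-07-08T10:00:05 src=203.0.113.9 msg="Directory traversal attempt in request URI"',
    '2020-07-08T10:00:09 src=198.51.100.7 msg="Privilege escalation via setuid binary"',
    '2020-07-08T10:00:12 src=203.0.113.9 msg="Audit log cleared by web user"',
    "malformed line the collector must skip",
]
```

Calling `c3t(SAMPLE_ALERTS)` yields one profile per source IP; a real deployment would replace `STRIDE_KB` with queries against the security ontology and feed the profiles into the control reappraisal the paper targets.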